IBM Security Bulletin: Power Systems Firmware affected by vulnerability in OpenSSL (CVE-2016-0797)

Power Systems Firmware affected by vulnerability in OpenSSL (CVE-2016-0797)

CVE(s): CVE-2016-0797

Affected product(s) and affected version(s):

Affected Firmware Versions(840)
840.00: 01SV840_056_056, 01SC840_056_056
840.10: 01SV840_079_056, 01SC840_079_056
840.11: 01SV840_087_056, 01SC840_087_056

Firmware 840 Affected Products:
IBM Power System S822 (8284-22A)
IBM Power System S814 (8286-41A)
IBM Power System S824 (8286-42A)
IBM Power System S812L (8247-21L)
IBM Power System S822L (8247-22L)
IBM Power System S824L (8247-42L)
IBM Power System E850 (8408-E8E)
IBM Power System E870 (9119-MME)
IBM Power System E880 (9119-MHE)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1X0wQ2W
X-Force Database: http://ift.tt/1Tg5wqQ



from IBM Product Security Incident Response Team http://ift.tt/1UhQNfo